Mouse acting crazy

  1. 09-06-2007  #11
    t420bone
    t420bone is offline Newbie

    Re: Mouse acting crazy

    did that... nothing found. Nothing found with Ad-Aware as well.

  3. 09-06-2007  #12
    Neal
    Neal is offline Dedicated Member
    You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

    Please download AproposFix from here:
    http://swandog46.geekstogo.com/aproposfix.exe

    Save it to your desktop but do NOT run it yet.

    Then please reboot your computer in Safe Mode by doing the following:
    1) Restart your computer
    2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
    3) Instead of Windows loading as normal, a menu should appear
    4) Select the first option, to run Windows in Safe Mode.


    Once in Safe Mode, please double-click aproposfix.exe and unzip it to the desktop. Open the aproposfix folder on your desktop and run RunThis.bat. Follow the prompts.

    When the tool is finished, please reboot back into normal mode, and post a new HijackThis log, along with the entire contents of the log.txt file in the aproposfix folder.
  4. 13-06-2007  #13
    t420bone
    t420bone is offline Newbie
    Deckard's System Scanner v20070611.50
    Run by Administrator on 2007-06-13 at 03:47:36
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    System Restore is disabled; attempting to re-enable...success.


    -- Last 1 Restore Point(s) --
    1: 2007-06-13 07:47:38 UTC - RP1 - System Checkpoint


    Backed up registry hives.

    Performed disk cleanup.


    -- HijackThis (run as Administrator.exe) ---------------------------------------

    Logfile of HijackThis v1.99.1
    Scan saved at 3:49:00 AM, on 6/13/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\WINDOWS\system32\devldr32.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\G7TFQAZT\dss[1].exe
    C:\DOCUME~1\ADMINI~1\Desktop\Administrator.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/ca..._2.3.2.100.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by135fd.bay135.hotmail.msn.co...s/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1160715227008
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
    O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://pcpitstop.com/antivirus/PitPav.cab
    O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by135fd.bay135.hotmail.msn.co...x/HMAtchmt.ocx
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe


    -- File Associations -----------------------------------------------------------

    .ini - GetDiz.Document - DefaultIcon - unable to read value
    .ini - GetDiz.Document - shell\open\command - "C:\Program Files\GetDiz\GetDiz.exe" "%1"


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
    R3 SAMFILT - c:\windows\system32\drivers\samfilt.sys <Not Verified; Dolphin, Inc.; Dolphin Keyboard Filter>

    S1 atitray - c:\program files\radeon omega drivers\v3.8.291\ati tray tools\atitray.sys (file missing)


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    All services whitelisted.


    -- Scheduled Tasks -------------------------------------------------------------

    2007-06-06 13:52:02 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


    -- Files created between 2007-05-13 and 2007-06-13 -----------------------------

    2007-06-11 21:23:38 0 d-------- C:\Documents and Settings\General Ghost\Application Data\ATI
    2007-06-11 21:08:43 0 d-------- C:\Documents and Settings\General Ghost\Application Data\Macromedia
    2007-06-11 21:01:07 0 d-------- C:\Documents and Settings\General Ghost\Application Data\Identities
    2007-06-11 20:57:48 0 d--h----- C:\Documents and Settings\General Ghost\Templates
    2007-06-11 20:57:48 0 dr------- C:\Documents and Settings\General Ghost\Start Menu
    2007-06-11 20:57:48 0 dr-h----- C:\Documents and Settings\General Ghost\SendTo
    2007-06-11 20:57:48 0 dr-h----- C:\Documents and Settings\General Ghost\Recent
    2007-06-11 20:57:48 0 d--h----- C:\Documents and Settings\General Ghost\PrintHood
    2007-06-11 20:57:48 786432 --ah----- C:\Documents and Settings\General Ghost\NTUSER.DAT
    2007-06-11 20:57:48 0 d--h----- C:\Documents and Settings\General Ghost\NetHood
    2007-06-11 20:57:48 0 dr------- C:\Documents and Settings\General Ghost\My Documents
    2007-06-11 20:57:48 0 d--h----- C:\Documents and Settings\General Ghost\Local Settings
    2007-06-11 20:57:48 0 dr------- C:\Documents and Settings\General Ghost\Favorites
    2007-06-11 20:57:48 0 d-------- C:\Documents and Settings\General Ghost\Desktop
    2007-06-11 20:57:48 0 d---s---- C:\Documents and Settings\General Ghost\Cookies
    2007-06-11 20:57:48 0 dr-h----- C:\Documents and Settings\General Ghost\Application Data
    2007-06-11 20:57:48 0 d---s---- C:\Documents and Settings\General Ghost\Application Data\Microsoft
    2007-06-11 18:29:29 0 d-------- C:\Program Files\PCPitstop
    2007-06-10 20:09:48 0 d-------- C:\Documents and Settings\Sergeant T. Bone\Application Data\Sun
    2007-06-10 19:53:37 0 d-------- C:\Documents and Settings\Sergeant T. Bone\Application Data\Macromedia
    2007-06-10 19:48:14 0 d-------- C:\Documents and Settings\Sergeant T. Bone\Application Data\ATI
    2007-06-10 19:48:04 0 d-------- C:\Documents and Settings\Sergeant T. Bone\Application Data\Identities
    2007-06-10 19:47:55 0 d--h----- C:\Documents and Settings\Sergeant T. Bone\Templates
    2007-06-10 19:47:55 0 dr------- C:\Documents and Settings\Sergeant T. Bone\Start Menu
    2007-06-10 19:47:55 0 dr-h----- C:\Documents and Settings\Sergeant T. Bone\SendTo
    2007-06-10 19:47:55 0 dr-h----- C:\Documents and Settings\Sergeant T. Bone\Recent
    2007-06-10 19:47:55 0 d--h----- C:\Documents and Settings\Sergeant T. Bone\PrintHood
    2007-06-10 19:47:55 786432 --ah----- C:\Documents and Settings\Sergeant T. Bone\NTUSER.DAT
    2007-06-10 19:47:55 0 d--h----- C:\Documents and Settings\Sergeant T. Bone\NetHood
    2007-06-10 19:47:55 0 dr------- C:\Documents and Settings\Sergeant T. Bone\My Documents
    2007-06-10 19:47:55 0 d--h----- C:\Documents and Settings\Sergeant T. Bone\Local Settings
    2007-06-10 19:47:55 0 dr------- C:\Documents and Settings\Sergeant T. Bone\Favorites
    2007-06-10 19:47:55 0 d-------- C:\Documents and Settings\Sergeant T. Bone\Desktop
    2007-06-10 19:47:55 0 d---s---- C:\Documents and Settings\Sergeant T. Bone\Cookies
    2007-06-10 19:47:55 0 dr-h----- C:\Documents and Settings\Sergeant T. Bone\Application Data
    2007-06-10 19:47:55 0 d---s---- C:\Documents and Settings\Sergeant T. Bone\Application Data\Microsoft
    2007-06-10 17:45:41 0 d-------- C:\aproposfix
    2007-06-08 01:25:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
    2007-06-08 00:21:55 0 d-------- C:\Documents and Settings\Administrator\Application Data\Grisoft
    2007-06-07 23:55:39 0 d--hs---- C:\WINDOWS\CSC
    2007-06-06 00:29:01 0 d-------- C:\Program Files\Apple Software Update
    2007-06-06 00:28:51 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2007-06-05 21:31:28 0 d-------- C:\Program Files\DivX
    2007-06-05 13:44:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\Uniblue
    2007-06-03 10:52:24 0 d-------- C:\data
    2007-05-30 23:44:09 0 d-------- C:\Program Files\BHODemon 2
    2007-05-23 22:54:30 0 d-------- C:\Program Files\NimoCodec Pack
    2007-05-23 22:52:16 27648 --a------ C:\WINDOWS\system32\ir50_lcs.dll <Not Verified; Intel Corporation.; Intel Indeo® video 5.0 LC>
    2007-05-23 22:51:57 0 d-------- C:\Documents and Settings\Administrator\WINDOWS
    2007-05-23 22:12:24 0 d-------- C:\Program Files\DivXCodec
    2007-05-23 22:07:19 56320 -----n--- C:\WINDOWS\system32\iyvu9_32.dll
    2007-05-23 22:07:19 136704 --a------ C:\WINDOWS\system32\iacenc.dll <Not Verified; Ligos Corporation; Indeo® Audio Software>
    2007-05-23 22:07:18 0 d-------- C:\Program Files\Ligos
    2007-05-23 22:02:13 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
    2007-05-23 18:08:21 0 d-------- C:\Program Files\Shareaza
    2007-05-23 18:08:21 0 d-------- C:\Documents and Settings\Administrator\Application Data\Shareaza


    -- Find3M Report ---------------------------------------------------------------

    2007-06-09 15:09:54 0 d-------- C:\Documents and Settings\Administrator\Application Data\uTorrent


    -- Registry Dump ---------------------------------------------------------------

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run]
    "AtiPTA"="atiptaxx.exe"
    "ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""
    "IntelliPoint"="\"C:\\Program Files\\Microsoft IntelliPoint\\ipoint.exe\""

    [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\run]
    "Uniblue RegistryBooster2"="C:\\Program Files\\Uniblue\\RegistryBooster 2\\RegistryBooster.exe /S"

    [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\system]
    "DisableRegistryTools"=dword:00000000

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\shellserviceobjectdelayload]
    "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"

    HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\lsa
    Authentication Packages REG_MULTI_SZ msv1_0\0\0
    Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
    Notification Packages REG_MULTI_SZ scecli\0\0


    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersio n\\Run"
    "item"="msmsgs"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnph ost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0


    [HKCU\Software\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2\G]
    Shell\AutoRun\command G:\trophy_bass_2007.exe


    -- End of Deckard's System Scanner: finished at 2007-06-13 at 03:53:23 ---------
  5. 13-06-2007  #14
    Neal
    Neal is offline Dedicated Member
    Save 20% on AVG Internet Security 2012 Suite!
    Post #12 please
+ Reply to Thread
Page 2 of 2 FirstFirst 1 2
« HijackThis Log - please review | Configuring Symantec File realtime protection »